As with any other server daemon that is connected to outside world,
it is advisable to run PostgreSQL under a
separate user account. This user account should only own the data
that is managed by the server, and should not be shared with other
daemons. (For example, using the user nobody is a bad
idea.) It is not advisable to install executables owned by
this user because compromised systems could then modify their own
binaries.

To add a Unix user account to your system, look for a command
useradd or adduser. The user
name postgres is often used but is by no
means required.